Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FE524F63EE511F0B9C536CDDAE4EC9C.roa
File: 2FE524F63EE511F0B9C536CDDAE4EC9C.roa (raw, json)
Hash identifier: qh4bf3XjBwt2ovpH45o5qB9aONhwAZCNWeJKv1gvINw=
Subject key identifier: F1:29:3A:94:B6:9F:50:86:A1:CD:F7:5E:4E:05:18:C9:50:A5:39:CE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018441
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FE524F63EE511F0B9C536CDDAE4EC9C.roa
Signing time: Sun 01 Jun 2025 12:37:33 +0000
ROA not before: Sun 01 Jun 2025 12:37:28 +0000
ROA not after: Fri 27 Jun 2025 12:37:28 +0000
asID: 40779
IP address blocks: 154.219.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 07 Jun 2025 00:06:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99393 (0x18441)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jun 1 12:37:28 2025 GMT
Not After : Jun 27 12:37:28 2025 GMT
Subject: CN=683c498c-46be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cd:1e:86:6e:d9:d8:80:0d:f6:fa:cb:83:ec:
e2:2f:1c:67:5e:aa:dc:0f:5f:9d:25:77:1d:ec:70:
92:31:64:08:b0:73:21:e9:60:3d:30:85:42:c7:bd:
b5:a4:a5:c4:4e:a8:ec:97:97:f4:c1:18:6a:2a:ba:
a2:98:46:19:79:f3:31:88:85:92:90:43:79:97:fe:
bf:89:f2:b0:5f:1e:44:ee:d8:b0:ce:46:4e:d8:81:
4e:bc:22:f3:45:66:64:69:f4:7e:3b:8f:88:98:8b:
6e:12:d0:bf:de:fe:a2:b2:e6:5a:3f:01:fc:a0:00:
db:4e:61:c5:92:e3:d1:7b:ad:de:b8:df:80:93:5d:
20:30:ce:bd:d4:a6:b0:86:43:26:c2:9c:bb:85:32:
db:9a:b2:a6:71:59:b5:95:16:53:e8:ce:8a:72:73:
bb:92:dc:7f:36:0d:36:62:0a:8a:51:80:66:ca:f2:
51:ba:49:91:b9:64:d4:67:7f:99:aa:b8:7a:26:f6:
ac:7b:0b:17:93:b9:1a:c9:42:83:30:fa:82:5d:8f:
00:6c:fe:90:97:fb:d1:75:43:fc:39:54:b4:84:c7:
c9:79:83:42:20:45:ec:0c:3a:98:d8:c3:96:c1:8f:
12:4b:fa:23:2c:8e:69:5b:eb:f3:c4:c2:51:db:b6:
de:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:29:3A:94:B6:9F:50:86:A1:CD:F7:5E:4E:05:18:C9:50:A5:39:CE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2FE524F63EE511F0B9C536CDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.219.96.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:f1:db:91:42:04:52:84:a4:d3:37:9e:14:bf:50:2c:02:b9:
8b:4d:c4:91:f6:a9:10:fc:c3:d4:0a:e7:2e:4f:04:87:3b:be:
0d:95:c7:22:21:43:1f:44:8b:61:d7:13:df:46:dd:64:53:6e:
9c:98:4a:20:7a:43:c2:c2:43:23:31:36:d0:dd:46:11:e8:15:
25:20:b4:b3:49:b4:bc:95:af:c1:c3:f0:6c:80:ea:38:cc:c0:
d8:e1:20:04:0d:4b:2f:a4:6e:e1:dc:19:fb:bb:54:f0:fa:0b:
59:58:29:2c:20:df:59:e9:d0:1d:d8:9a:f9:55:05:d6:b8:8b:
5a:1d:9b:d2:da:f7:72:1b:c9:37:1b:92:9f:dc:6a:28:de:1a:
eb:36:b6:78:ab:a8:a4:9d:12:a6:8e:5e:6e:c6:c9:be:4b:03:
27:0e:9d:e1:69:c6:dd:44:4f:45:93:be:fa:d2:f6:01:a8:4c:
87:1c:3d:81:fd:90:12:78:9c:33:e4:a5:f7:eb:f8:0f:ad:45:
48:2a:df:2e:f5:37:58:7b:da:e0:5a:f8:f4:70:56:27:be:74:
76:99:af:e2:25:72:56:1f:77:dc:34:c0:04:4d:4d:20:b1:09:
af:a8:97:c2:2f:11:fa:7a:81:d8:de:97:cc:30:27:d6:24:73:
d6:fc:9f:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYRBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNjAxMTIzNzI4WhcNMjUwNjI3MTIzNzI4WjAYMRYw
FAYDVQQDEw02ODNjNDk4Yy00NmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArM0ehm7Z2IAN9vrLg+ziLxxnXqrcD1+dJXcd7HCSMWQIsHMh6WA9MIVC
x721pKXETqjsl5f0wRhqKrqimEYZefMxiIWSkEN5l/6/ifKwXx5E7tiwzkZO2IFO
vCLzRWZkafR+O4+ImItuEtC/3v6isuZaPwH8oADbTmHFkuPRe63euN+Ak10gMM69
1KawhkMmwpy7hTLbmrKmcVm1lRZT6M6KcnO7ktx/Ng02YgqKUYBmyvJRukmRuWTU
Z3+Zqrh6JvasewsXk7kayUKDMPqCXY8AbP6Ql/vRdUP8OVS0hMfJeYNCIEXsDDqY
2MOWwY8SS/ojLI5pW+vzxMJR27beKwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPEp
OpS2n1CGoc33Xk4FGMlQpTnOMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRkU1MjRGNjNFRTUxMUYwQjlDNTM2Q0REQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFmttgMA0GCSqGSIb3DQEB
CwUAA4IBAQCa8duRQgRShKTTN54Uv1AsArmLTcSR9qkQ/MPUCucuTwSHO74Nlcci
IUMfRIth1xPfRt1kU26cmEogekPCwkMjMTbQ3UYR6BUlILSzSbS8la/Bw/BsgOo4
zMDY4SAEDUsvpG7h3Bn7u1Tw+gtZWCksIN9Z6dAd2Jr5VQXWuItaHZvS2vdyG8k3
G5Kf3Goo3hrrNrZ4q6iknRKmjl5uxsm+SwMnDp3hacbdRE9Fk7760vYBqEyHHD2B
/ZASeJwz5KX36/gPrUVIKt8u9TdYe9rgWvj0cFYnvnR2ma/iJXJWH3fcNMAETU0g
sQmvqJfCLxH6eoHY3pfMMCfWJHPW/J8A
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:29:27 2025 by rpki-client